[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNG6_LuQK9kDmWdB4_W1ja7gzMWnthaqukXXsZ9IhXN4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":22,"download_link":23,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":124,"fingerprints":283},"keensalon-companion","KeenSalon Companion","1.0.0","Keendevs","https:\u002F\u002Fprofiles.wordpress.org\u002Fkeendevs\u002F","\u003Cp>KeenSalon Companion is truly a must have companion for your website. It provides 5 useful and frequently used widgets that you can add to the sidebars to create an engaging website.\u003C\u002Fp>\n\u003Ch3>Widgets offered\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Card\u003C\u002Fli>\n\u003Cli>Package & Plan\u003C\u002Fli>\n\u003Cli>Recent Posts\u003C\u002Fli>\n\u003Cli>Feature\u003C\u002Fli>\n\u003Cli>Section Title\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin works best with themes developed by KeenSalon Theme.\u003C\u002Fp>\n\u003Cp>The plugin also provides simple yet clean code which allows developers to overwrite the plugin properties. The plugin offers a multiple numbers of filters and action hooks which for maximum flexibility to the developers.\u003C\u002Fp>\n","5 extremely useful custom widgets to create an engaging website.",0,922,"2020-05-18T03:35:00.000Z","5.3.21","4.4.0","5.6",[18,19,20,21],"posts","sidebars","social-links","widgets","https:\u002F\u002Fthemes.keendevs.com\u002Fkeensalon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkeensalon-companion.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"keendevs",2,30,84,"2026-04-04T09:16:13.424Z",[35,52,70,87,102],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":11,"num_ratings":11,"last_updated":45,"tested_up_to":46,"requires_at_least":15,"requires_php":47,"tags":48,"homepage":49,"download_link":50,"security_score":51,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"raratheme-companion","RaraTheme Companion","1.4.4","Rara Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fraratheme\u002F","\u003Cp>RaraTheme Companion is truly a must have companion for your website. It provides 23 useful and frequently used widgets that you can add to the sidebars to create an engaging website.\u003C\u002Fp>\n\u003Ch3>Widgets offered\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Advertisement\u003C\u002Fli>\n\u003Cli>A Featured Page\u003C\u002Fli>\n\u003Cli>Author Bio\u003C\u002Fli>\n\u003Cli>Call to Action\u003C\u002Fli>\n\u003Cli>Client Logo\u003C\u002Fli>\n\u003Cli>Contact\u003C\u002Fli>\n\u003Cli>Custom Categories\u003C\u002Fli>\n\u003Cli>Facebook Page\u003C\u002Fli>\n\u003Cli>FAQs\u003C\u002Fli>\n\u003Cli>Featured Post\u003C\u002Fli>\n\u003Cli>Icon Text\u003C\u002Fli>\n\u003Cli>Image Text\u003C\u002Fli>\n\u003Cli>Image\u003C\u002Fli>\n\u003Cli>Latest Tweets\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Popular Post\u003C\u002Fli>\n\u003Cli>Posts Category Slider\u003C\u002Fli>\n\u003Cli>Recent Post\u003C\u002Fli>\n\u003Cli>Snapchat\u003C\u002Fli>\n\u003Cli>Social Media\u003C\u002Fli>\n\u003Cli>Stat Counter\u003C\u002Fli>\n\u003Cli>Team Member\u003C\u002Fli>\n\u003Cli>Testimonial\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin works best with themes developed by Rara Theme.\u003C\u002Fp>\n\u003Cp>The plugin also provides simple yet clean code which allows developers to overwrite the plugin properties. The plugin offers a multiple numbers of filters and action hooks which for maximum flexibility to the developers.\u003C\u002Fp>\n","23 extremely useful custom widgets to create an engaging website.",10000,497772,"2026-01-06T05:43:00.000Z","6.9.4","7.4",[18,19,20,21],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fraratheme-companion","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fraratheme-companion.1.4.4.zip",100,{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":32,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":58,"tags":66,"homepage":68,"download_link":69,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"per-page-sidebars","Per Page Sidebars","2.0.3","Brian Layman","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrianlayman\u002F","","The Per Page Sidebars (PPS) plugin allows blog administrators to create a unique sidebar for each Page. No template editing is required.",1000,67740,10,"2018-03-14T19:32:00.000Z","4.9.29","3.1",[67,18,19,21],"pages","http:\u002F\u002FTheCodeCave.com\u002Fplugins\u002Fper-page-sidebars","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fper-page-sidebars.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":32,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":58,"tags":84,"homepage":85,"download_link":86,"security_score":24,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":26},"per-page-widgets","Per Page Widgets","0.0.7","Internet123","https:\u002F\u002Fprofiles.wordpress.org\u002Finternet123\u002F","\u003Cp>Control widget areas on a per-page \u002F per-post basis.\u003C\u002Fp>\n\u003Cp>Gives you the ability to show or hide individual widget areas on each page \u002F post as well as completely substituting the widgets shown in a specific widget area on a specific page or post.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>The plugin has not been tested below version 3.3.\u003C\u002Fp>\n","Control widget areas on a per-page \u002F per-post basis.",300,16944,5,"2012-07-02T14:07:00.000Z","3.4.2","3.3",[67,18,19,21],"http:\u002F\u002Fwww.i123.dk\u002Fwordpress-plugin-per-page-widgets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fper-page-widgets.0.0.7.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":62,"downloaded":95,"rating":11,"num_ratings":11,"last_updated":58,"tested_up_to":96,"requires_at_least":97,"requires_php":58,"tags":98,"homepage":58,"download_link":100,"security_score":51,"vuln_count":11,"unpatched_count":11,"last_vuln_date":25,"fetched_at":101},"galaxius-custom-sidebars","Galaxius Custom Sidebars","1.1","galaxiusmons","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxiusmons\u002F","\u003Cp>This allows you to quickly create a unique sidebar for any post, page, category page or for all posts belonging to a category. You simply enter a name for the sidebar when you create or edit a post, page or category. Browse to Appearance -> Widgets, find your new sidebar and add some widgets to it.\u003C\u002Fp>\n","Allows quick creation of unique sidebars for posts, pages and categories.",1806,"3.6.1","3.5.1",[99,67,18,19,21],"custom","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgalaxius-custom-sidebars.1.1.zip","2026-03-15T10:48:56.248Z",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":58,"tags":117,"homepage":119,"download_link":120,"security_score":121,"vuln_count":122,"unpatched_count":11,"last_vuln_date":123,"fetched_at":26},"woosidebars","WooSidebars","1.4.6","WooThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fwoothemes\u002F","\u003Cp>With WooSidebars, it’s possible to change the widgets that display in a sidebar (widgetized area) according to a context (for example, a specific page, a specific blog post, certain categories or the search results screen). Setting up a custom widget area to display across multiple conditions is as easy as a few clicks.\u003C\u002Fp>\n\u003Cp>Looking for a helping hand? \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fdocumentation\u002Fplugins\u002Fwoosidebars\u002F\" rel=\"nofollow ugc\">View plugin documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Looking to contribute code to this plugin? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwoocommerce\u002Fwoosidebars\u002F\" rel=\"nofollow ugc\">Fork the repository over at GitHub\u003C\u002Fa>. Please also read the CONTRIBUTING.md file, bundled within this plugin.\u003C\u002Fp>\n","WooSidebars adds functionality to display different widgets in a sidebar, according to a context (for example, a specific page or a category).",100000,2915654,78,48,"2024-04-03T17:11:00.000Z","6.5.8","4.1",[19,118,21],"widget-areas","http:\u002F\u002Fwoocommerce.com\u002Fwoosidebars\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoosidebars.1.4.6.zip",92,1,"2015-04-22 00:00:00",{"attackSurface":125,"codeSignals":192,"taintFlows":274,"riskAssessment":275,"analyzedAt":282},{"hooks":126,"ajaxHandlers":188,"restRoutes":189,"shortcodes":190,"cronEvents":191,"entryPointCount":11,"unprotectedCount":11},[127,133,138,141,145,150,154,159,164,168,172,176,180,185],{"type":128,"name":129,"callback":130,"priority":62,"file":131,"line":132},"action","add_meta_boxes","metabox","includes\\admin\\class-admin.php",8,{"type":128,"name":134,"callback":135,"file":136,"line":137},"init","register_post_types","includes\\class-cpt.php",11,{"type":128,"name":134,"callback":139,"file":136,"line":140},"register_taxonomies",12,{"type":128,"name":134,"callback":142,"priority":143,"file":136,"line":144},"flush_rewrite_rules",99,13,{"type":128,"name":146,"callback":147,"file":148,"line":149},"wp_enqueue_scripts","frontend_scripts","includes\\class-enqueue.php",15,{"type":128,"name":151,"callback":152,"file":148,"line":153},"admin_enqueue_scripts","admin_scripts",16,{"type":128,"name":155,"callback":156,"file":157,"line":158},"save_post","save_metabox","includes\\class-form-handler.php",7,{"type":128,"name":160,"callback":161,"file":162,"line":163},"widgets_init","keensalon_register_card_widget","includes\\widgets\\widget-card.php",157,{"type":128,"name":160,"callback":165,"file":166,"line":167},"keensalon_register_feature_widget","includes\\widgets\\widget-feature.php",128,{"type":128,"name":160,"callback":169,"file":170,"line":171},"keensalon_register_package_widget","includes\\widgets\\widget-package.php",199,{"type":128,"name":160,"callback":173,"file":174,"line":175},"keensalon_register_recent_post_widget","includes\\widgets\\widget-recent-post.php",169,{"type":128,"name":160,"callback":177,"file":178,"line":179},"keensalon_register_section_title_widget","includes\\widgets\\widget-section-title.php",114,{"type":128,"name":181,"callback":182,"file":183,"line":184},"admin_notices","closure","keensalon-companion.php",61,{"type":128,"name":134,"callback":186,"file":183,"line":187},"localization_setup",117,[],[],[],[],{"dangerousFunctions":193,"sqlUsage":199,"outputEscaping":201,"fileOperations":11,"externalRequests":122,"nonceChecks":122,"capabilityChecks":122,"bundledLibraries":273},[194],{"fn":195,"file":196,"line":197,"context":198},"unserialize","includes\\instagram-feeds.php",108,"return unserialize( base64_decode( $instagram ) );",{"prepared":11,"raw":11,"locations":200},[],{"escaped":202,"rawEcho":203,"locations":204},139,38,[205,208,211,213,215,217,219,221,222,224,225,227,228,230,231,233,235,237,239,240,241,243,244,246,248,250,252,254,256,257,259,261,263,265,267,268,270,272],{"file":131,"line":206,"context":207},53,"raw output",{"file":209,"line":210,"context":207},"includes\\functions.php",36,{"file":196,"line":212,"context":207},22,{"file":162,"line":214,"context":207},52,{"file":162,"line":216,"context":207},55,{"file":162,"line":218,"context":207},59,{"file":162,"line":220,"context":207},63,{"file":162,"line":220,"context":207},{"file":162,"line":223,"context":207},69,{"file":162,"line":197,"context":207},{"file":166,"line":226,"context":207},46,{"file":166,"line":214,"context":207},{"file":166,"line":229,"context":207},56,{"file":166,"line":220,"context":207},{"file":166,"line":232,"context":207},96,{"file":170,"line":234,"context":207},71,{"file":170,"line":236,"context":207},97,{"file":170,"line":238,"context":207},104,{"file":170,"line":197,"context":207},{"file":170,"line":167,"context":207},{"file":170,"line":242,"context":207},151,{"file":170,"line":242,"context":207},{"file":170,"line":245,"context":207},153,{"file":170,"line":247,"context":207},155,{"file":174,"line":249,"context":207},47,{"file":174,"line":251,"context":207},49,{"file":174,"line":253,"context":207},62,{"file":174,"line":255,"context":207},70,{"file":174,"line":112,"context":207},{"file":174,"line":258,"context":207},80,{"file":174,"line":260,"context":207},90,{"file":174,"line":262,"context":207},91,{"file":174,"line":264,"context":207},133,{"file":178,"line":266,"context":207},43,{"file":178,"line":249,"context":207},{"file":178,"line":269,"context":207},54,{"file":178,"line":271,"context":207},82,{"file":183,"line":220,"context":207},[],[],{"summary":276,"deductions":277},"The \"keensalon-companion\" v1.0.0 plugin exhibits a generally positive security posture with several good practices observed in the static analysis. Notably, there are no known CVEs, indicating a lack of publicly disclosed vulnerabilities. The plugin also demonstrates strong adherence to secure coding principles by exclusively using prepared statements for SQL queries, having no file operations, and performing external HTTP requests with a single, likely controlled, instance. The presence of nonce and capability checks, along with a relatively low percentage of unescaped output, further contribute to its security.\n\nHowever, a significant concern arises from the use of the `unserialize()` function. While the attack surface appears limited with no direct AJAX handlers, REST API routes, or shortcodes exposed without checks, the `unserialize()` function is inherently dangerous as it can lead to Remote Code Execution (RCE) if it processes untrusted data. Although taint analysis shows no flows with unsanitized paths, this could be an artifact of the analysis tools or a lack of complex data processing that would trigger such flows. The low percentage of unescaped output (79%) is also a minor concern, suggesting a few instances where sensitive data might be exposed.\n\nGiven the absence of a vulnerability history, it suggests the plugin has not been a target or has been developed with a reasonable degree of security awareness. The strengths lie in its minimal attack surface and secure database practices. The primary weakness is the presence of `unserialize()` without explicit data source validation in the static analysis, which warrants careful consideration and potential mitigation.",[278,280],{"reason":279,"points":149},"Use of dangerous unserialize function",{"reason":281,"points":80},"Output escaping not fully implemented (21% unescaped)","2026-03-17T06:34:10.734Z",{"wat":284,"direct":297},{"assetPaths":285,"generatorPatterns":290,"scriptPaths":291,"versionParams":292},[286,287,288,289],"\u002Fwp-content\u002Fplugins\u002Fkeensalon-companion\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fkeensalon-companion\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fkeensalon-companion\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fkeensalon-companion\u002Fassets\u002Fjs\u002Fadmin.js",[],[287,289],[293,294,295,296],"keensalon-companion\u002Fassets\u002Fcss\u002Ffrontend","keensalon-companion\u002Fassets\u002Fjs\u002Ffrontend","keensalon-companion\u002Fassets\u002Fcss\u002Fadmin","keensalon-companion\u002Fassets\u002Fjs\u002Fadmin",{"cssClasses":298,"htmlComments":302,"htmlAttributes":303,"restEndpoints":307,"jsGlobals":308,"shortcodeOutput":310},[299,300,301],"package_meta_box","add","remove",[],[304,305,306],"name=\"package","id=\"package_title\"","id=\"package_price\"",[],[309],"KEENSALON_COMPANION_uploader",[]]